Interaction between a network identity service and account-based service applications

ABSTRACT

A hardware system enables computer network interaction between network identity services and account-based service applications. In some examples, the network identity service biometrically identifies people. The network identity services and/or account-based service applications interact to exchange data in order to monitor, track, initiate, and/or cooperatively and/or individually perform various functions while protecting data that should not be shared and minimizing communication network usage and hardware and software resources. This interaction enables both to accomplish more and different tasks than they could individually while improving operational efficiency of hardware and software components of both.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application is a nonprovisional patent application of and claimsthe benefit of U.S. Provisional Patent Application No. 62/773,014, filedNov. 29, 2018 and titled “Interaction Between a Network identity Serviceand Account-Based Service Applications,” the disclosure of which ishereby incorporated herein by reference in its entirety.

FIELD

The described embodiments relate generally to computer networkinteractions between network applications. More particularly, thepresent embodiments relate to computer network interaction betweennetwork identity services and account-based service applications.

BACKGROUND

A network identity service may be a service that controls access tostored identity information over a network to perform and/or facilitatevarious functions. Network identity services may compare receivedidentification information to stored identification information tolocate and/or allow access to stored identity information. For example,this kind of network identity service may be used to authenticate and/orverify the identity of a person, such as for controlling access toroutine and/or expedited airport or other security screening, boardingcontrol, and so on.

Account-based service applications allow people to create accounts thatmay be used to request goods and/or services. Such account-based serviceapplications may be accessed via a mobile app, web browser, or otherapplication. For example, this kind of account-based service applicationmay be used to order ridesharing services, food or other deliveryservices, and so on using personal information stored for the account.

SUMMARY

The present disclosure relates to computer network interaction betweennetwork identity services and account-based service applications. Thenetwork identity services and/or account-based service applicationsinteract to exchange data in order to monitor, track, initiate, and/orcooperatively and/or individually perform various functions whileprotecting data that should not be shared and minimizing communicationnetwork usage and hardware and software resources. This interactionenables both to accomplish more and different tasks than they couldindividually while improving operational efficiency of hardware andsoftware components of both.

In some embodiments, a system for computer network interaction between anetwork identity service and an account-based service applicationincludes at least one non-transitory storage medium that storesinstructions and at least one processor. The at least one processorexecutes the instructions to identify a person for flight screening,determine the person is a rideshare service application account holder,and transmit a message to facilitate a rideshare service for the personupon arrival.

In various examples, the system further includes a biometric readerdevice and the at least one processor identifies the person by receivinga digital representation of a biometric and comparing the digitalrepresentation of the biometric to stored biometric data. In someimplementations of such examples, the digital representation of thebiometric is at least one of a facial image, an iris image, or a retinaimage.

In some examples, the at least one processor transmits the message to anelectronic device associated with the person. In various implementationsof such examples, the message allows the person to request the rideshareservice. In some implementations of such examples, the message launchesa rideshare service interface application on the electronic device.

In various examples, the at least one processor transmits the message toan electronic device associated with a rideshare service application. Insome implementations of such examples, the message initiates therideshare service for the person.

In some examples, the at least one processor determines the person isthe rideshare service application account holder by accessing identityinformation stored for the person. In various examples, the at least oneprocessor processes a payment for the rideshare service. In someimplementations of such examples, the at least one processor processesthe payment using identity information stored for the person.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication includes at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor executes the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isan identity service member, and provide direction to an identity servicefacility upon arrival.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication includes at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor executes the instructions to identify a person for flightscreening, determine the person is not a rideshare service applicationaccount holder, enroll the person in a rideshare service application,and transmit a message to facilitate a rideshare service for the personupon arrival.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication includes at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor executes the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isnot an identity service member, enroll the person in an identityservice, and provide direction to an identity service facility uponarrival.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication includes at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor executes the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isan identity service member, arrange for the person to be taken to anidentity service facility upon arrival, identify the person atscreening, determine the person boards a flight, transmit a firstmessage to facilitate a rideshare service for the person on arrival, andtransmit a second message to facilitate food delivery service for theperson to correspond to rideshare completion.

In some embodiments, a system for computer network interaction between anetwork identity service and an account-based service applicationincludes at least one non-transitory storage medium that storesinstructions and at least one processor. The at least one processorexecutes the instructions to identify a person for flight screeningusing the network identity service, determine the person is a rideshareservice application account holder, and transmit a message to facilitatea rideshare service for the person upon arrival.

In a number of examples, the system further includes a biometric readerdevice wherein the at least one processor identifies the person byreceiving a digital representation of a biometric and comparing thedigital representation of the biometric to stored biometric data. Insome implementations of such examples, the digital representation of thebiometric includes at least one of a facial image, an iris image, or aretina image.

In various examples, the at least one processor transmits the message toan electronic device associated with the person. In a number ofimplementations of such examples, the message allows the person torequest the rideshare service. In other implementations of suchexamples, the message launches a rideshare service interface applicationon the electronic device.

In some examples, the at least one processor transmits the message to anelectronic device associated with a rideshare service application. Invarious implementations of such examples, the message initiates therideshare service for the person.

In a number of examples, the at least one processor determines theperson is the rideshare service application account holder by accessingidentity information stored for the person. In various examples, the atleast one processor processes a payment for the rideshare service. Insome implementations of such examples, the at least one processorprocesses the payment using identity information stored for the person.

In various examples the person is a first person and the at least oneprocessor identifies a second person for the flight screening using theusing the network identity service, determines the second person is notenrolled in the rideshare service application, and enrolls the person inthe rideshare service application. In a number of implementations ofsuch examples, the at least one processor facilitates the rideshareservice for the second person upon arrival.

In some examples, the at least one processor determines whether theperson boarded a flight before transmitting the message. In a number ofexamples, the message is a first message and the at least one processortransmits a second message to facilitate food delivery service for theperson to correspond to rideshare completion.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication includes at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor executes the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isan identity service member, and provide direction to an identity servicefacility upon arrival.

In some examples, the person is a first person, the rideshare serviceapplication request is a first service application request, and the atleast one processor receives a second rideshare service applicationrequest for a second person, determines the second person is notenrolled in the network identity service, and enrolls the second personin the network identity service. In various examples the at least oneprocessor uses information stored for the second person in a rideshareservice application associated with the second rideshare serviceapplication request to enroll the second person in the network identityservice.

In a number of embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication includes at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor executes the instructions to identify a person for securityscreening using the network identity service, determine the person is aservice application account holder, and transmit a message to facilitatea service for the person.

In various examples, the network identity service biometricallyidentifies the person.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detaileddescription in conjunction with the accompanying drawings, wherein likereference numerals designate like structural elements.

FIG. 1 depicts an example system for computer network interactionbetween network identity services and account-based serviceapplications.

FIG. 2 depicts a flow chart illustrating a first example method forcomputer network interaction between network identity services andaccount-based service applications. This method may be performed by thesystem of FIG. 1 .

FIG. 3 depicts a flow chart illustrating a second example method forcomputer network interaction between network identity services andaccount-based service applications. This method may be performed by thesystem of FIG. 1 .

FIG. 4 depicts a flow chart illustrating a third example method forcomputer network interaction between network identity services andaccount-based service applications. This method may be performed by thesystem of FIG. 1 .

FIG. 5 depicts a flow chart illustrating a fourth example method forcomputer network interaction between network identity services andaccount-based service applications. This method may be performed by thesystem of FIG. 1 .

FIG. 6 depicts a flow chart illustrating a fifth example method forcomputer network interaction between network identity services andaccount-based service applications. This method may be performed by thesystem of FIG. 1 .

DETAILED DESCRIPTION

Reference will now be made in detail to representative embodimentsillustrated in the accompanying drawings. It should be understood thatthe following descriptions are not intended to limit the embodiments toone preferred embodiment. To the contrary, it is intended to coveralternatives, modifications, and equivalents as can be included withinthe spirit and scope of the described embodiments as defined by theappended claims.

The description that follows includes sample systems, methods, andcomputer program products that embody various elements of the presentdisclosure. However, it should be understood that the describeddisclosure may be practiced in a variety of forms in addition to thosedescribed herein.

Network identity services and account-based service applications canperform a wide variety of functions. However, the functions they performare typically different and separate. In implementations where they maybe configured to perform similar functions, excess resources areconsumed in designing such functions, configuring such functions, andsupporting such functions. Enabling interactions between networkidentity services and account-based service applications extends thefunctions that network identity services and account-based serviceapplications and/or the electronic devices used to implement them canperform. Enabling such interactions also reduces redundant componentsand/or configuration, system complexity, and hardware and softwareresource consumption.

The present embodiments relate to computer network interaction betweennetwork identity services and account-based service applications. Thenetwork identity services and/or account-based service applicationsinteract to exchange data in order to monitor, track, initiate, and/orcooperatively and/or individually perform various functions whileprotecting data that should not be shared and minimizing communicationnetwork usage and hardware and software resources. This interactionenables both to accomplish more and different tasks than they couldindividually while improving operational efficiency of hardware andsoftware components of both.

These and other embodiments are discussed below with reference to FIGS.1-6 . However, those skilled in the art will readily appreciate that thedetailed description given herein with respect to these Figures is forexplanatory purposes only and should not be construed as limiting.

FIG. 1 depicts an example system for computer network interactionbetween network identity services and account-based serviceapplications. The system 100 may include one or more identity services101, one or more service applications 102, and/or one or more electronicdevices 103 that may be operative to communicate with each other via oneor more communication networks 104.

The electronic device 103 may be any kind of electronic device, such asa computing device, a laptop computing device, a desktop computingdevice, a vehicle, a tablet computing device, a mobile computing device,a wearable computing device, a mobile telephone, a smart phone, and soon. The identity services 101 and the service applications 102 may beimplemented using one or more identity service devices 105 and one ormore service application devices 106, which may likewise be one or moreof any kind of electronic devices arranged in any kind of individualand/or cloud or other cooperative computing arrangement.

The identity service 101 may be a service that controls access to storedidentity information (such as name, social security number, phonenumber, address, financial account numbers or statuses, credit cardand/or other payment information, boarding pass information, and so on)over the network 104 to perform and/or facilitate various functions. Invarious implementations, the identity service 101 may compare receivedidentification information (such as one or more hashes and/or otherdigital representations of biometrics like one or more digitalrepresentations of one or more facial images, retina images, irisimages, fingerprints, voice prints, gaits, and so on) to storedidentification information (such as stored biometric data) to locateand/or allow access to stored identity information. By way ofillustration, a digital representation of a biometric may be encodedinto a data structure, transmitted over the network 104, and provided toa matching engine for that type of biometric by a processor 114 wherethe matching engine compares the digital representation of the biometricextracted from the data structure to stored biometric data in anon-transitory storage medium 115. For example, the identity service 101may be used to authenticate and/or verify the identity of a person, suchas for controlling access to routine and/or expedited airport or othersecurity screening, boarding control, and so on.

The service applications 102 may allow people to create accounts thatmay be used to request goods and/or services. The service applications102 may be accessed via a mobile app, web browser, or other application.The account may store personal information such as name, address,telephone number, credit card or other payment information, and so on.The mobile app, web browser, or other application may be used to requestgoods and/or services for the account using the personal informationstored for the account. For example, the service applications 102 may beused to order ridesharing services, food or other delivery services, andso on.

The electronic device 103 may include one or more processors 107,non-transitory storage media 108 (which may take the form of, but is notlimited to, a magnetic storage medium; optical storage medium;magneto-optical storage medium; read only memory; random access memory;erasable programmable memory; flash memory; and so on), communicationunits 109, biometric reader devices 110 (such as one or more cameras,microphones, fingerprint readers, phosphorescent fingerprint scanners,3D sensor, and/or any other device operable to obtain digitalrepresentations of one or more biometrics), input/output components 111(such as one or more touch screens, displays, buttons, keyboards,computer mice, touch panels, switches, microphones, and so on), and soon. The processor 107 may execute instructions stored in the storagemedium 108 to perform various functions, such as to implement one ormore identity service interface applications 112 and/or serviceapplication interface applications 113 (which may be mobile apps, webbrowsers, or other applications) to communicate with the identityservice 101 and/or the service application 102 over the network 104 viathe communication unit 109.

Likewise, the identity service device 105 may include one or moreprocessors 114, non-transitory storage media 115, communication units116, and so on. The processor 114 may execute instructions stored in thestorage media 115 to perform various functions, such as to communicatewith the identity service interface application 112 and/or the serviceapplication 102 via the network 104 using the communication unit 116.

Similarly, the service application device 106 may include one or moreprocessors 117, non-transitory storage media 118, communication units119, and so on. The processor 117 may execute instructions stored in thestorage media 118 to perform various functions, such as to communicatewith the service application interface application 113 and/or theidentity service device 105 via the network 104 using the communicationunit 119.

FIG. 2 depicts a flow chart illustrating a first example method 200 forcomputer network interaction between network identity services andaccount-based service applications. This method 200 may be performed bythe system 100 of FIG. 1 .

At operation 210, an electronic device identifies a person for flightscreening. For example, a digital representation of a biometric may beobtained using a biometric reader (such as a facial image, a retinaimage, an iris image, and so on that may be obtained using a camera orother imaging or sensing device) and compared to stored biometric dataassociated with identity information for the person. The identityinformation may authenticate and/or verify the identity of the person,whether or not the person has a valid flight at a respective airport,and so on.

At operation 220, the electronic device may determine whether or not theperson is a rideshare service application account holder. For example,an identity service may store data regarding rideshare serviceapplication accounts for the person in stored identity information.Rideshare service application accounts may similarly store informationassociated with the account regarding identity service with which aperson may be enrolled. Such information may be recorded in therespective systems based on interaction between rideshare serviceapplications and identity service apps or applications executing on anelectronic device controlled by a person, by the person using OAUTH(Open Authorization) or similar techniques to limitedly log in to theidentity service from the rideshare service application account and/orfrom the rideshare service application account to the identity serviceto link accounts, by exchange of information between the rideshareservice application account and the identity service, and so on.

At operation 230, the electronic device transmits a message tofacilitate rideshare service for the person upon arrival. For example,the electronic device may transmit a message to the person's phone afterarrival that rideshare services are available and/or where to meet sucha rideshare service. Such a message may launch a rideshare serviceapplication interface application that the person may use to request therideshare service. By way of another example, the electronic device maytransmit a message to the rideshare service application to schedule therideshare service, such as using boarding pass and/or other informationstored in relation to identity information. In some implementations, theelectronic device may also transmit a message to an electronic deviceassociated with the person regarding the rideshare service that has beenscheduled. In various implementations, an application for the identityservice executing on the person's mobile phone may include a button thatcan be clicked to request a rideshare.

Although the example method 200 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 200 is illustrated and described as determiningwhether or not the person is a rideshare service application accountmember. However, in various implementations, all identity servicemembers may be given accounts with the rideshare service application. Insuch an implementation, operation 220 may be omitted. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In other examples, a rideshare service stand outside the airport may beequipped with a camera for capturing facial images. The person may walkup to have his picture taken and an electronic device may use the facialimage to identify the person and request a rideshare for the personusing identity information stored for the person and/or rideshareservice application account information. This may enable particularlyfrictionless experiences for the person.

In still other examples, the electronic device may access airline ticketinformation and/or other information related to identity information todetermine that the person's flight includes other people who areassociated with the person. Such other people may be related travelers,family, friends, business associates, and so on. Such other people mayuse the same rideshare as the person. As such, when transmitting themessage, the electronic device may include details regarding these otherpeople and/or otherwise take these other people into account so that therideshare may be able to accommodate everyone and/or all destinations ifthe people are not all going to the same place.

In various examples, this example method 200 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices, such as the identityservice device 105, the service application device 106, and/or theelectronic device 103 of FIG. 1 .

FIG. 3 depicts a flow chart illustrating a second example method 300 forcomputer network interaction between network identity services andaccount-based service applications. This method 300 may be performed bythe system 100 of FIG. 1 .

At operation 310 an electronic device may receive a rideshare serviceapplication request to an airport for a person. At operation 320, theelectronic device may determine that the person is an identity servicemember.

For example, the electronic device my look up information associatedwith the person's rideshare service application account to determinethat the person is an identity service member when the person requeststhe rideshare or when the person enters the rideshare. In otherexamples, a digital representation of a biometric for the person (suchas a facial image, an iris image, a retina image, and so on) may beobtained by an electronic device (such as one associated with theperson, the rideshare, and so on) when the person enters the rideshareand such a digital representation of a biometric may be transmitted tothe identity service to determine whether or not the person is a member.

At operation 330, the electronic device may provide a direction to anidentity service facility upon arrival. For example, the electronicdevice may transmit such directions to the person's mobile telephone,transmit such directions to an electronic device controlled by thedriver who is instructed to provide the directions to the person, and soon. The identity service facility may be a routine and/or expeditedsecurity screening or boarding, a lounge or other area accessible toidentity service members, and so on.

Although the example method 300 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 300 is illustrated and described as providing adirection to an identity service facility upon arrival. However, it isunderstood that this is an example. In some implementations, thedirection may be provided prior to arrival. In various implementations,the directions may include a map. In some implementations, a driver maybe instructed to drop the person at a particular location rather thanproviding a direction. In various implementations, one or more messagesmay be transmitted to the identity service, the airport, airportsecurity, an airline, or other entity regarding the person's arrival forpurposes of flow control, security, preparation of rewards or otherentitlements for the person to be presented upon arrival at the identityservice facility, and so on. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In various examples, this example method 300 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices, such as the identityservice device 105, the service application device 106, and/or theelectronic device 103 of FIG. 1 .

FIG. 4 depicts a flow chart illustrating a third example method 400 forcomputer network interaction between network identity services andaccount-based service applications. This method 400 may be performed bythe system 100 of FIG. 1 .

At operation 410, an electronic device identifies a person for a flightscreening. At operation 420, the electronic device determines that theperson is not a rideshare service application account holder. Atoperation 430, the electronic device enrolls the person in a rideshareservice application.

For example, the electronic device may automatically use identityinformation stored for the person to set up an account for the personwith the rideshare service application. This may involve transmittingone or more messages and/or downloading one or more mobile apps orapplications to an electronic device controlled by the person thatenable use of the account. In many implementations, the person may beprompted to accept such an account enrollment prior to any action beingtaken.

In some implementations, at operation 440, the electronic device mayalso transmit a message to facilitate a rideshare service for the personupon arrival. In some examples, this may be part of the enrollment. Inother examples, the person may be presented with an option to schedulethe rideshare after enrollment. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

By way of another example, the electronic device may transmit a messageto the person's mobile phone or other device offering to enroll theperson in the rideshare service application. The electronic device mayoffer one or more discounts or other incentives for accepting theenrollment.

In still other examples, the electronic device may provide a message tothe person regarding the rideshare service application without assistingin enrollment. The person may then use other means to enroll if theperson desires to do so. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

Although the example method 400 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 400 is illustrated and described as transmittinga message to facilitate the rideshare. However, in other examples, theelectronic device may enroll the person and allow the person todetermine whether or not to request a rideshare himself. In suchexamples, operation 440 may be omitted. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

In various examples, this example method 400 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices, such as the identityservice device 105, the service application device 106, and/or theelectronic device 103 of FIG. 1 .

FIG. 5 depicts a flow chart illustrating a fourth example method 500 forcomputer network interaction between network identity services andaccount-based service applications. This method 500 may be performed bythe system 100 of FIG. 1 .

At operation 510, an electronic device may receive a rideshare serviceapplication request to an airport for a person. At operation 520, theelectronic device may determine that the person is not an identityservice member. At operation 530, the electronic device may enroll orinitiate enrollment for the person in the identity service.

For example, in some implementations, the electronic device may directthe person to be delivered to and/or directed to an enrollment locationat the airport upon arrival. The person may then enroll upon arrival.

In other implementations, an option to enroll may be transmitted toand/or presented on an electronic device (such as an identity servicebutton presented in a mobile app for the rideshare service application),such as the person's mobile telephone, an electronic device in therideshare, and so on. The person may submit information for enrollment,and/or account information stored by the rideshare service applicationmay be transmitted to the identity service as part of the enrollment.This may have some inherent trustworthiness as the identity service canat least be certain that the person submitting the information hadaccess to the person's rideshare service application account. Digitalrepresentations of biometrics and/or other information (such as apicture of an identification like a driver's license or passport) may becaptured during the rideshare and/or obtained at an identity servicefacility upon arrival.

For example, a person may be able to complete part of the enrollmentduring the rideshare and provide one or more digital representations ofbiometrics at an identity service device upon arrival. By way ofillustration, the person may provide a picture of his driver's licensewhile enrolling during the rideshare and then provide a facial imageupon arrival, which may be matched to the image of the driver's licensefor authentication purposes. In some implementations, such partialenrollment may allow operations that do not involve human oversight tobe completed during the rideshare while allowing operations that doinvolve human oversight to be completed upon reaching an identityservice facility where such human oversight may be available. In someimplementations, the driver of the rideshare may be authorized toprovide such human oversight during the rideshare. In variousimplementations, a system involving partial enrollments may use tieredconfidence levels where a partial enrollment is associated with a lowerconfidence level for enrollment than a complete enrollment but may stillbe usable in some identity service functions. In other examples, theperson may confirm a rideshare service application account credential tothe identity service device for authentication purposes.

In some examples, payment information associated with the person'srideshare service application account may be used to pay for theidentity service enrollment. In some implementations of such examples,the rideshare service application may process the payment for theenrollment. In other implementations of such examples, the rideshareservice application may provide the payment information to the identityservice, such as upon authorization to do so by the person. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

At operation 540, the electronic device may provide direction to theidentity service facility upon arrival. Such a facility may be a routineand/or expedited screening or boarding, a lounge or other facility, anenrollment center or device (such as a kiosk), and so on.

Although the example method 500 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 500 is illustrated and described as providingdirection to the identity service facility upon arrival. However, it isunderstood that this is an example and operation 540 may be omitted insome implementations. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In various examples, this example method 500 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices, such as the identityservice device 105, the service application device 106, and/or theelectronic device 103 of FIG. 1 .

FIG. 6 depicts a flow chart illustrating a fifth example method 600 forcomputer network interaction between network identity services andaccount-based service applications. This method 600 may be performed bythe system 100 of FIG. 1 .

At operation 610, a system may receive a rideshare service applicationrequest to an airport for a person. At operation 620, the system maydetermine that the person is an identity service member. At operation630, the system may arrange for a person to be taken to an identityservice facility upon arrival. Such a facility may be a routine and/orexpedited screening or boarding, a lounge or other facility, and so on.

At operation 640, the system may identify the person at a screening. Atoperation 650, the system may determine that the person boards a flight.At operation 660, the electronic device may transmit a message tofacilitate a rideshare service for the person upon arrival.

Additionally, at operation 670, the system may transmit a message tofacilitate food delivery service for the person to correspond torideshare completion. In some examples, the rideshare serviceapplication may also be a food delivery service application and the sameservice application may be used to provide both functions. In otherexamples, the two service applications may be separate. In variousimplementations, the same vehicle may be used for the rideshare and thefood delivery. In other implementations, different vehicles may be used.In some implementations, these options and/or other options discussedherein may be determined based on input from the person, defaults and/orother preferences previously specified by the person, and so on.

Thus, the method 600 may encompass a number of actions facilitating theperson's journey from start to finish, including meal planning uponeventual termination of the journey. Such may not be possible withoutinteraction between the rideshare service application and the identityservice.

Although the example method 600 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 600 is illustrated and described as transmittinga message to facilitate food delivery. However, it is understood thatthis is an example. In various implementations, operation 670 may beomitted. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

In various examples, this example method 600 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices, such as the identityservice device 105, the service application device 106, and/or theelectronic device 103 of FIG. 1 .

Although particular embodiments have been illustrated and describedabove, it is understood that these are examples. In variousimplementations, other computer network interaction between a networkidentity service and an account-based service application may beperformed without departing from the scope of the present disclosure.

For example, a rideshare service application may use an identity serviceto verify that a person getting into a rideshare is the person for whomthe rideshare is summoned. Alternatively, the rideshare serviceapplication may use the identity service to determine whether or not theperson is trustworthy for a rideshare, whether or not a driver istrustworthy for a rideshare, to process payment for a rideshare, toverify that a person is authorized to use payment information to pay fora rideshare and/or other transaction in implementations where therideshare service application may be used to pay for other transactions,and so on. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

By way of another example, rideshare service applications and airlinesor other entities may implement loyalty, rewards, or related accountsfor people. In various implementations, an identity service may beoperable to interact with these various entities in order to link suchloyalty, rewards, or related accounts. For example, both flights andrideshares purchased from partnered rideshare service applications andairlines may be linked by an identity service to discount futurerideshares or flights and/or other free or otherwise discounted productsor services.

In some implementations, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to identify a person for flightscreening, determine the person is a rideshare service applicationaccount holder, and transmit a message to facilitate a rideshare servicefor the person upon arrival.

In various examples, the system may further include a biometric readerdevice and the at least one processor may identify the person byreceiving a digital representation of a biometric and comparing thedigital representation of the biometric to stored biometric data. Insome such examples, the digital representation of the biometric may beat least one of a facial image, an iris image, or a retina image.

In some examples, the at least one processor may transmit the message toan electronic device associated with the person. In various suchexamples, the message may allow the person to request the rideshareservice. In some such examples, the message may launch a rideshareservice interface application on the electronic device.

In various examples, the at least one processor may transmit the messageto an electronic device associated with a rideshare service application.In some such examples, the message may initiate the rideshare servicefor the person.

In some examples, the at least one processor may determine the person isthe rideshare service application account holder by accessing identityinformation stored for the person. In various examples, the at least oneprocessor may process a payment for the rideshare service. In someimplementations of such examples, the at least one processor may processthe payment using identity information stored for the person.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isan identity service member, and provide direction to an identity servicefacility upon arrival.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to identify a person for flightscreening, determine the person is not a rideshare service applicationaccount holder, enroll the person in a rideshare service application,and transmit a message to facilitate a rideshare service for the personupon arrival.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isnot an identity service member, enroll the person in an identityservice, and provide direction to an identity service facility uponarrival.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isan identity service member, arrange for the person to be taken to anidentity service facility upon arrival, identify the person atscreening, determine the person boards a flight, transmit a firstmessage to facilitate a rideshare service for the person on arrival, andtransmit a second message to facilitate food delivery service for theperson to correspond to rideshare completion.

In some embodiments, a system for computer network interaction between anetwork identity service and an account-based service application mayinclude at least one non-transitory storage medium that storesinstructions and at least one processor. The at least one processor mayexecute the instructions to identify a person for flight screening usingthe network identity service, determine the person is a rideshareservice application account holder, and transmit a message to facilitatea rideshare service for the person upon arrival.

In a number of examples, the system further may include a biometricreader device wherein the at least one processor identifies the personby receiving a digital representation of a biometric and comparing thedigital representation of the biometric to stored biometric data. Insome such examples, the digital representation of the biometric mayinclude at least one of a facial image, an iris image, or a retinaimage.

In various examples, the at least one processor may transmit the messageto an electronic device associated with the person. In a number of suchexamples, the message may allow the person to request the rideshareservice. In other such examples, the message may launch a rideshareservice interface application on the electronic device.

In some examples, the at least one processor may transmit the message toan electronic device associated with a rideshare service application. Invarious such examples, the message may initiate the rideshare servicefor the person.

In a number of examples, the at least one processor may determine theperson is the rideshare service application account holder by accessingidentity information stored for the person. In various examples, the atleast one processor may process a payment for the rideshare service. Insome such examples, the at least one processor may process the paymentusing identity information stored for the person.

In various examples the person is a first person and the at least oneprocessor may identify a second person for the flight screening usingthe using the network identity service, determine the second person isnot enrolled in the rideshare service application, and enroll the personin the rideshare service application. In a number of such examples, theat least one processor may facilitate the rideshare service for thesecond person upon arrival.

In some examples, the at least one processor may determine whether theperson boarded a flight before transmitting the message. In a number ofexamples, the message may be a first message and the at least oneprocessor may transmit a second message to facilitate food deliveryservice for the person to correspond to rideshare completion.

In various embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to receive a rideshare serviceapplication request to an airport for a person, determine the person isan identity service member, and provide direction to an identity servicefacility upon arrival.

In some examples, the person may be a first person, the rideshareservice application request may be a first service application request,and the at least one processor may receive a second rideshare serviceapplication request for a second person, determine the second person isnot enrolled in the network identity service, and enroll the secondperson in the network identity service. In various examples the at leastone processor may use information stored for the second person in arideshare service application associated with the second rideshareservice application request to enroll the second person in the networkidentity service.

In a number of embodiments, a system for computer network interactionbetween a network identity service and an account-based serviceapplication may include at least one non-transitory storage medium thatstores instructions and at least one processor. The at least oneprocessor may execute the instructions to identify a person for securityscreening using the network identity service, determine the person is aservice application account holder, and transmit a message to facilitatea service for the person.

In various examples, the network identity service may biometricallyidentify the person.

As described above and illustrated in the accompanying figures, thepresent disclosure relates to computer network interaction betweennetwork identity services and account-based service applications. Thenetwork identity services and/or account-based service applicationsinteract to exchange data in order to monitor, track, initiate, and/orcooperatively and/or individually perform various functions whileprotecting data that should not be shared and minimizing communicationnetwork usage and hardware and software resources. This interactionenables both to accomplish more and different tasks than they couldindividually while improving operational efficiency of hardware andsoftware components of both.

Although the above illustrates and describes a number of embodiments, itis understood that these are examples. In various implementations,various techniques of individual embodiments may be combined withoutdeparting from the scope of the present disclosure.

The present disclosure recognizes that biometric and/or other personaldata is owned by the person from whom such biometric and/or otherpersonal data is derived. This data can be used to the benefit of thosepeople. For example, biometric data may be used to conveniently andreliably identify and/or authenticate the identity of people, accesssecurely stored financial and/or other information associated with thebiometric data, and so on. This may allow people to avoid repeatedlyproviding physical identification and/or other information.

The present disclosure further recognizes that the entities thatcollect, analyze, store, and/or otherwise use such biometric and/orother personal data should comply with well-established privacy policiesand/or privacy practices. Particularly, such entities should implementand consistently use privacy policies and practices that are generallyrecognized as meeting or exceeding industry or governmental requirementsfor maintaining security and privately maintaining biometric and/orother personal data, including the use of encryption and securitymethods that meets or exceeds industry or government standards. Forexample, biometric and/or other personal data should be collected forlegitimate and reasonable uses and not shared or sold outside of thoselegitimate uses. Further, such collection should occur only afterreceiving the informed consent. Additionally, such entities should takeany needed steps for safeguarding and securing access to such biometricand/or other personal data and ensuring that others with access to thebiometric and/or other personal data adhere to the same privacy policiesand practices. Further, such entities should certify their adherence towidely accepted privacy policies and practices by subjecting themselvesto appropriate third party evaluation.

Additionally, the present disclosure recognizes that people may blockthe use of, storage of, and/or access to biometric and/or other personaldata. Entities who typically collect, analyze, store, and/or otherwiseuse such biometric and/or other personal data should implement andconsistently prevent any collection, analysis, storage, and/or other useof any biometric and/or other personal data blocked by the person fromwhom such biometric and/or other personal data is derived.

In the present disclosure, the methods disclosed may be implemented assets of instructions or software readable by a device. Further, it isunderstood that the specific order or hierarchy of steps in the methodsdisclosed are examples of sample approaches. In other embodiments, thespecific order or hierarchy of steps in the method can be rearrangedwhile remaining within the disclosed subject matter. The accompanyingmethod claims present elements of the various steps in a sample order,and are not necessarily meant to be limited to the specific order orhierarchy presented.

The described disclosure may be provided as a computer program product,or software, that may include a non-transitory machine-readable mediumhaving stored thereon instructions, which may be used to program acomputer system (or other electronic devices) to perform a processaccording to the present disclosure. A non-transitory machine-readablemedium includes any mechanism for storing information in a form (e.g.,software, processing application) readable by a machine (e.g., acomputer). The non-transitory machine-readable medium may take the formof, but is not limited to, a magnetic storage medium (e.g., floppydiskette, video cassette, and so on); optical storage medium (e.g.,CD-ROM); magneto-optical storage medium; read only memory (ROM); randomaccess memory (RAM); erasable programmable memory (e.g., EPROM andEEPROM); flash memory; and so on.

The foregoing description, for purposes of explanation, used specificnomenclature to provide a thorough understanding of the describedembodiments. However, it will be apparent to one skilled in the art thatthe specific details are not required in order to practice the describedembodiments. Thus, the foregoing descriptions of the specificembodiments described herein are presented for purposes of illustrationand description. They are not targeted to be exhaustive or to limit theembodiments to the precise forms disclosed. It will be apparent to oneof ordinary skill in the art that many modifications and variations arepossible in view of the above teachings.

What is claimed is:
 1. A system comprising: at least one non-transitorystorage medium that stores instructions for a computer networkinteraction between an account-based service application offering arideshare service and a network identity service controlling access tostored identity information over a network; and at least one processorthat executes the instructions to: identify a person for flightscreening using the network identity service by: transmitting a digitalrepresentation of a biometric for the person to the network identityservice; and receiving respective identity information for the personfrom the network identity service, the respective identity informationaccessed by the network identity service as a result of comparing thedigital representation of the biometric to biometric data for multiplepeople, the biometric data for the multiple people associated withidentity information for the multiple people; determine that therespective identity information includes account data for the person onthe account-based service application; and transmit, based at least onthe account data, a message to facilitate the rideshare service for theperson upon arrival of a flight; wherein: the account data is exchangedbetween the network identity service and the account-based serviceapplication as part of an open authorization interaction; the openauthorization interaction performs a limited login between the networkidentity service and the account-based service application; and theperson directs the performance of the limited login.
 2. The system ofclaim 1, further comprising a biometric reader device; wherein the atleast one processor identifies the person by: receiving the digitalrepresentation of the biometric; and comparing the digitalrepresentation of the biometric to stored biometric data.
 3. The systemof claim 2, wherein the digital representation of the biometriccomprises at least one of a facial image, an iris image, or a retinaimage.
 4. The system of claim 1, wherein the at least one processortransmits the message to an electronic device associated with theperson.
 5. The system of claim 4, wherein the message allows the personto request the rideshare service.
 6. The system of claim 4, wherein themessage launches a rideshare service interface application on theelectronic device.
 7. The system of claim 1, wherein the at least oneprocessor transmits the message to an electronic device associated withthe account-based service application.
 8. The system of claim 7, whereinthe message initiates the rideshare service for the person.
 9. Thesystem of claim 1, wherein the at least one processor determines theperson is an account-based service application account holder byaccessing identity information stored for the person.
 10. The system ofclaim 1, wherein the at least one processor processes a payment for therideshare service.
 11. The system of claim 10, wherein the at least oneprocessor processes the payment using identity information stored forthe person.
 12. The system of claim 1, wherein: the person is a firstperson; and the at least one processor: identifies a second person forthe flight screening using the network identity service; determines thesecond person is not enrolled in the account-based service application;and enrolls the second person in the account-based service application.13. The system of claim 12, wherein the at least one processorfacilitates the rideshare service for the second person upon arrival.14. The system of claim 1, wherein the at least one processor determineswhether the person boarded the flight before transmitting the message.15. The system of claim 1, wherein: the message is a first message; andthe at least one processor transmits a second message to facilitate fooddelivery service for the person to correspond to completion of therideshare service.
 16. A system comprising: at least one non-transitorystorage medium that stores instructions for a computer networkinteraction between an account-based service application offering arideshare service and a network identity service controlling access tostored identity information over a network; and at least one processorthat executes the instructions to: receive a request on theaccount-based service application for a rideshare to an airport for aperson; identify the person using the network identity service, whereinthe network identity service performs identification by comparingdigital representations of biometrics to biometric data for multiplepeople associated with identity information for the multiple people;determine respective identity information for the person stored by thenetwork identity service includes account data for the person exchangedbetween the network identity service and the account-based serviceapplication as part of an open authorization interaction, wherein theopen authorization interaction performs a limited login between thenetwork identity service and the account-based service application, andthe person directs the performance of the limited login; and providedirection, based at least on the account data, to an identity servicefacility upon arrival of the person at the airport.
 17. The system ofclaim 16, wherein: the person is a first person; the request is a firstrequest for a rideshare; and the at least one processor: receives asecond request for a second person; determines the second person is notenrolled in the network identity service; and enrolls the second personin the network identity service.
 18. The system of claim 17, wherein theat least one processor uses information stored for the second person inthe account-based service application associated with the second requestto enroll the second person in the network identity service.
 19. Asystem comprising: at least one non-transitory storage medium thatstores instructions for a computer network interaction between anaccount-based service application offering one or more goods andservices over the internet, and a network identity service controllingaccess to stored identity information over a network; and at least oneprocessor that executes the instructions to: identify a person forsecurity screening using the network identity service by: transmitting adigital representation of a biometric for the person to the networkidentity service; and receiving respective identity information for theperson from the network identity service, the respective identityinformation accessed by the network identity service as a result ofcomparing the digital representation of the biometric to biometric datafor multiple people, the biometric data for the multiple peopleassociated with identity information for the multiple people; determinethat the respective identity information includes account data for theperson exchanged between the network identity service and theaccount-based service application, the account data exchanged betweenthe network identity service and the account-based service applicationis part of an open authorization interaction; and transmit, based atleast on the account data, a message to facilitate a service for theperson; wherein: the service is a rideshare service; the openauthorization interaction performs a limited login between the networkidentity service and a rideshare service application; and the persondirects the performance of the limited login.
 20. The system of claim19, wherein the network identity service biometrically identifies theperson.